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IN THE CLAIMS: 

The following list of claims replaces all prior 
versions and listings of claims in the application. 

Claim 1. (currently amended) A system comprising: 

a plurality of certificate authorities (CAs) in which 
each CA maintains and distributes digital certificates 
revoked by itself in the form of a certificate revocation 
list (CRL) , and different CAs may use different CRL 
distribution mechanisms; 

multiple CRL retrieval agents configured to 
periodically retrieve CRLs at time intervals from 
different CAs using — a — plurality — — CRL — retrieval — agents 
based on the CRL distribution mechanisms of CAs ; 

a plurality of CRL databases for storing the 
consolidated CRLs from the multiple CRL retrieval agents 
and/or the replications of CRLs, the CRL databases storing 
at least one individually identifiable revoked digital 
certificate; and 

a CRL access user interface for providing a uniform 
set of Application Program Interfaces for users accessing 
the CRLs in the CRL database, said system enabling 
consolidation and access of the certificate revocation 
lists (CRLs) from the plurality of certificate authorities 
(CAs) . 
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Claim 2. (original) A system according to claim 1, 

wherein said plurality of CRL databases include a central 
CRL database and a plurality of CRL replication databases, 
said central CRL database for storing the consolidated 
CRLs from the multiple CRL retrieval agents, and said 
plurality of CRL replication databases for storing the 
replications of the CRLs of the central CRL database. 

Claim 3. (original) A system according to claim 1, 

wherein said plurality of CRL retrieval agents include a 
LDAP/CRL retrieval agent, for periodically retrieving CRLs 
from specified LDAP servers and updating the CRL 
databases . 

Claim 4. (original) A system according to claim 1, 

wherein said plurality of CRL retrieval agents include a 
HTTP/CRL retrieval agent, for periodically retrieving CRLs 
from specified HTTP servers and updating the CRL database. 

Claim 5. (previously presented) A system according to 
claim 1, wherein said plurality of CRL retrieval agents 
include a RFC1424/CRL retrieval agents, for periodically 
sending Request For Comments 1 4 2 4 /Cert i f icate-Revocat ion 
List retrieval request and receiving CRL retrieval reply. 
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Claim 6. (original) A system according to claim 1, 

wherein said plurality of CRL retrieval agents include a 
Http retrieval agent triggered by a HTTP request, said 
Http receiver agent verifies an authorization of the 
requester, if successful, said agent stores each 
transmitted CRL in the CRL databases. 

Claim 7. (original) A system according to claim 1, 

wherein said plurality of CRL retrieval agents further 

verifies the integrity and the authenticity of the 
retrieved CRLs . 

Claim 8. (original) A system according to claim 1, 

wherein a particular replication architecture is used 
among said plurality of CRL databases in order to maintain 
database consistency. 

Claim 9. (previously presented) A system according to 
claim 2, wherein a hub-and-spoke replication architecture 
is used among said central CRL database and said plurality 
of CRL replication databases. 

Claim 10. (previously presented) A system according to 
claim 1, wherein said system is also adapted for 
consolidating and accessing at least one kind of revoked 
certificate list. 
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Claim 11. (previously presented) In a secure network 
implemented by digital certificates, a method for 
certificate revocation list (CRL) consolidation and 
access, wherein a plurality of certificate authorities 
(CAs) maintain and distribute the digital certificates 
revoked by themselves in the form of CRLs, and different 
CAs may use different CRL distribution mechanisms, said 
method comprising the steps of: 

periodically retrieving CRLs at time intervals from 
different CAs using a plurality of CRL retrieval agents 
based on the CRL distribution mechanisms of CAs; 

consolidating the CRLs from multiple CAs ; 

storing the consolidated CRLs from multiple CRL 
retrieval agents or the replications of CRLs into a 
plurality of CRL databases, the consolidated CRLs 
including at least one individually identifiable revoked 
digital certificate; and 

accessing the CRLs from the CRL databases by a 
uniform set of Application Program Interfaces. 

Claim 12. (original) A method according to claim 
11, said plurality of CRL databases include a central CRL 
database and a plurality of CRL replication database, said 
central CRL database for storing the consolidated CRLs 
from multiple CRL retrieval agents and said plurality of 
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CRL replication database for storing the replications of 
the CRLs of the central database. 

Claim 13. (previously presented) A method according to 
claim 11, wherein said method is also adapted for 
consolidation and accessing all kinds of revoked 
certificate lists. 

Claim 14. (previously presented) An article of 
manufacture comprising a computer usable medium having 
computer readable program code means embodied therein for 
causing certificate revocation list (CRL) consolidation 
and access, the computer readable program code means in 
said article of manufacture comprising computer readable 
program code means for causing a computer to effect the 
steps of claim 11. 

Claim 15. (original) A computer program product 
comprising a computer usable medium having computer 
readable program code means embodied therein for causing 
certificate revocation list (CRL) consolidation and 
access, the computer readable program code means in said 
computer program product comprising computer readable 
program code means for causing a computer to effect the 
steps of claim 11. 
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Claim 16. (cancelled) 



Claim 17. (original) 



A program storage device 



readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method 
steps for certificate revocation list (CRL) consolidation 
and access, said method steps comprising the steps of 
claim 1 1 . 

Claim 18. (previously presented) A method comprising: 
employing a secure network implemented by digital 
certificates for certificate revocation list (CRL) 
consolidation and access, with a plurality of certificate 
authorities (CAs) maintaining and distributing the digital 



wherein different CAs may use different CRL distribution 
mechanisms, including the steps of: 

creating a plurality of CRL retrieval agents based on 
the CRL distribution mechanisms of CAs, the retrieval 
agents configured to periodically retrieve CRLs at time 
intervals from the different CAs and to consolidate the 
CRLs from multiple CAs ; 

storing the consolidated CRLs from multiple CRL 
retrieval agents or the replications of CRLs into a 
plurality of CRL databases, the consolidated CRLs 
including at least one individually identifiable revoked 
digital certificate; and 





revoked by themsel ves in the form of CRLs, 
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accessing the CRLs form the CRL databases by a 
uniform set of Application Program Interfaces. 

Claim 19. (original) A program storage device 
readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method 
steps for certificate revocation list (CRL) consolidation 
and access, said method steps comprising the steps of 
claim 18. 

Claim 20. (original) An article of manufacture 
comprising a computer usable medium having computer 
readable program code means embodied therein for causing 
certificate revocation list (CRL) consolidation and 
access, the computer readable program code means in said 
article of manufacture comprising computer readable 
program code means for causing a computer to effect the 
steps of claim 18. 

Claim 21. (original) A computer program product 
comprising a computer usable medium having computer 
readable program code means embodied therein for causing 
certificate revocation list (CRL) consolidation and 
access, the computer readable program code means in said 
computer program product comprising computer readable 
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program code means for causing a computer to effect the 
steps of claim 18. 



